Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yNOFZpezjTOXNSrnS4hHqD6q8Ss.roa
File: yNOFZpezjTOXNSrnS4hHqD6q8Ss.roa (raw, json)
Hash identifier: m7FxoMnQzWy0zQ3st+DReWtbPLXI2ayeIz2yE4uM0EU=
Subject key identifier: C8:D3:85:66:97:B3:8D:33:97:35:2A:E7:4B:88:47:A8:3E:AA:F1:2B
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B5619CAFF9F07090DF879FA94F0B6
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yNOFZpezjTOXNSrnS4hHqD6q8Ss.roa
Signing time: Tue 02 Jan 2024 12:34:46 +0000
ROA not before: Tue 02 Jan 2024 12:34:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 185.120.35.0/24 maxlen: 24
213.190.22.0/24 maxlen: 32
2a06:7a00::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Mar 2024 13:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:56:19:ca:ff:9f:07:09:0d:f8:79:fa:94:f0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8d3856697b38d3397352ae74b8847a83eaaf12b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b8:ab:d5:9f:3b:84:ab:34:ab:d5:af:b4:e2:
bb:ee:d9:ef:16:da:f7:94:28:d3:df:77:fd:91:af:
15:59:70:47:21:f8:e8:e1:33:f2:00:11:7f:e9:ba:
52:da:34:bd:4c:95:46:30:7f:21:b3:15:a4:82:f2:
7d:93:ca:d5:c8:59:91:e1:3d:c9:09:81:70:03:dd:
f9:4e:32:47:15:ed:39:9c:85:c3:3d:5e:57:be:2d:
d9:8c:6d:ca:7b:ee:81:93:ad:a2:ff:98:b3:f9:ac:
a4:58:04:64:54:37:5c:dc:af:f2:fa:fc:78:61:5f:
11:92:f5:96:28:eb:22:cf:d8:e7:6f:ed:da:00:9d:
b6:85:d9:c0:93:73:44:d7:0f:59:10:5f:7b:61:f4:
1d:2c:ef:9e:99:59:d9:1b:dc:49:b2:ee:bf:c0:5d:
53:fa:bf:3d:77:64:5d:70:0f:f4:90:52:1f:04:f4:
75:da:d7:0d:28:7d:ba:f2:f2:48:e9:ea:17:e1:12:
f5:ed:c0:e0:20:8e:94:a4:36:bd:42:e1:8c:c0:1e:
d8:e9:86:98:a7:8b:21:9c:a4:60:d6:1d:8f:a6:2f:
ab:11:0a:db:f3:92:f5:f2:e0:cd:25:1b:40:70:17:
ba:98:0d:79:8a:26:20:a0:ae:7d:c8:fe:86:8a:7e:
65:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D3:85:66:97:B3:8D:33:97:35:2A:E7:4B:88:47:A8:3E:AA:F1:2B
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/yNOFZpezjTOXNSrnS4hHqD6q8Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.35.0/24
213.190.22.0/24
IPv6:
2a06:7a00::/48
Signature Algorithm: sha256WithRSAEncryption
4e:92:42:8c:a5:b0:75:93:52:c8:2a:5d:25:df:3a:08:40:48:
36:cc:96:35:93:c5:5d:de:84:30:3c:57:da:51:ab:cc:3a:92:
d3:f9:c7:33:94:ae:c1:0c:3a:f3:e5:15:82:9e:cd:b9:ad:5a:
98:39:29:a9:5a:d7:f3:b5:85:ec:e3:fb:8e:ba:d8:c6:d1:91:
1e:9d:af:55:65:ec:85:fd:77:3f:1c:5c:29:35:56:4d:17:55:
61:c6:69:7b:7f:0f:66:94:c3:14:4c:7c:cb:0c:66:d0:8b:2d:
1c:08:65:4e:81:fb:c1:b9:81:b8:8a:9a:06:1c:80:39:67:f7:
6a:ab:a5:87:03:3e:f7:c9:35:8d:4a:45:3a:83:c7:b3:d0:83:
6e:b4:0b:40:31:67:39:e3:05:5b:29:b3:99:25:c9:24:fc:09:
aa:f8:46:bf:32:e1:2f:21:74:ae:57:24:05:81:04:99:86:d5:
c6:97:22:d2:6a:26:c1:d8:d9:6f:89:98:c6:17:cb:94:0f:6d:
8d:75:98:fb:97:03:22:31:58:0c:36:a1:de:b9:66:7e:91:52:
5d:e5:fe:6e:75:a8:7b:d9:83:d0:d9:4c:0a:97:e1:3a:00:4b:
39:7a:61:e4:97:de:8e:8e:da:a9:ca:ae:97:e9:ab:17:e0:10:
36:d9:56:cc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKK1YZyv+fBwkN+Hn6lPC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGQzODU2Njk3YjM4ZDMzOTczNTJhZTc0Yjg4NDdhODNlYWFmMTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLir1Z87hKs0q9WvtOK77tnvFtr3
lCjT33f9ka8VWXBHIfjo4TPyABF/6bpS2jS9TJVGMH8hsxWkgvJ9k8rVyFmR4T3J
CYFwA935TjJHFe05nIXDPV5Xvi3ZjG3Ke+6Bk62i/5iz+aykWARkVDdc3K/y+vx4
YV8RkvWWKOsiz9jnb+3aAJ22hdnAk3NE1w9ZEF97YfQdLO+emVnZG9xJsu6/wF1T
+r89d2RdcA/0kFIfBPR12tcNKH268vJI6eoX4RL17cDgII6UpDa9QuGMwB7Y6YaY
p4shnKRg1h2Ppi+rEQrb85L18uDNJRtAcBe6mA15iiYgoK59yP6Gin5l8wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMjThWaXs40zlzUq50uIR6g+qvErMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEveU5PRlpwZXpqVE9YTlNyblM0aEhxRDZxOFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuXgjAwQA
1b4WMA8EAgACMAkDBwAqBnoAAAAwDQYJKoZIhvcNAQELBQADggEBAE6SQoylsHWT
UsgqXSXfOghASDbMljWTxV3ehDA8V9pRq8w6ktP5xzOUrsEMOvPlFYKezbmtWpg5
Kala1/O1hezj+4662MbRkR6dr1Vl7IX9dz8cXCk1Vk0XVWHGaXt/D2aUwxRMfMsM
ZtCLLRwIZU6B+8G5gbiKmgYcgDln92qrpYcDPvfJNY1KRTqDx7PQg260C0AxZznj
BVsps5klyST8Car4Rr8y4S8hdK5XJAWBBJmG1caXItJqJsHY2W+JmMYXy5QPbY11
mPuXAyIxWAw2od65Zn6RUl3l/m51qHvZg9DZTAqX4ToASzl6YeSX3o6O2qnKrpfp
qxfgEDbZVsw=
-----END CERTIFICATE-----
Generated at Fri Mar 1 16:07:45 2024 by rpki-client on console-ams.rpki-client.org